question

Ankur Ranpariya avatar image
Ankur Ranpariya asked

Unable to Add Members via Group API.

Hi Community and Support team,

I am facing a few issues with Group API with C# SDK.

I am using C# SDK to communicate with Playfab from Azure Function. Azure Function Application uses the latest SDK version 1.107.211209 via Nuget Package.

We are using Group API for various operations like...

  1. Creating Group for Player 2 using Player 1's Entity Token
  2. Add Members to the group.
  3. Remove Members From the Group.
  4. Promote or demote Player Role.
  5. Add/Remove Group Invite or Apply To Group (this is optional like we can stop using this API to control cost via LiveOps Setting.)

I am trying to Add one of my friend (eg. Player 2) to my group using AddMembers of Group API.

Unfortuanly I am not able to do it and getting error like this

{
    "code": 401,
    "status": "Unauthorized",
    "error": "NotAuthorized",
    "errorCode": 1089,
    "errorMessage": "Entity title_player_account!D#3#4#5#1#6#C#1# is not a member of group group!A#2#0#E#1#2#B#6#."
}

In my case scenario, we manage player info in our Cosmos DB like player Master and player_tItle_accout id.

So when we have to add any player in the group, we are providing Group id and Player ID (Title) and create Request to Add Player in the group

var groupAPIRes = GetGroupAPI(gameTitleId, devSecretKey, context, method);
if (groupAPIRes.HasError)
    return result.UpdateError(groupAPIRes.error, groupAPIRes.detail);

var members = new List<EntityKey> { };
playerTitleIds
    .ToList()
    .ForEach(o => members.Add(CreateTitlePlayerEntityKey(o)));

var group = CreateGroupEntityKey(groupId);
var request = new AddMembersRequest {
    Members = members,
    Group = group,
    RoleId = GroupRoles.MEMBER
};
var response = await groupAPIRes.data.AddMembersAsync(request);


In c# Code we are using Group Instance API. Group Instance API Instance is being generated with App Settings and Authentication Context.

The Authentication context contains the Entity token and Session Ticket from Player 1 (this is the player who executing Azure function from PlayFab Automation Hook)

the Player Title Ids fields are an array of strings that contains other player's Player ID (ID).

I am not sure why I am getting the error. like it's Group Policy Issue, Game Title Policy Issue, or Auth Context Issue.

I also tried to modify my group Policy and added the below content in Group Policy. But that also does not help.

  {
    "Action": "AddMember",
    "Effect": "Allow",
    "Resource": "pfrn:group--*!*/Members/*",
    "Principal": {
      "ChildOf": {
        "EntityType": "title",
        "EntityId": "MY-GAME-TITLE-ID"
      }
    },
    "Comment": "Allow All entities to Add Members to the group",
    "Condition": null
  },
  {
    "Action": "AddMember",
    "Effect": "Allow",
    "Resource": "pfrn:group--*!*/Roles/*/Members/*",
    "Principal": {
      "ChildOf": {
        "EntityType": "title",
        "EntityId": "MY-GAME-TITLE-ID"
      }
    },
    "Comment": "Allow entities to Add any role that they are in",
    "Condition": null
  }

Can you guys provide some insight or some documentation about Policy or Group API restrictions?

Thanks in Advance.

apis
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

·
Gosen Gao avatar image
Gosen Gao answered

As the document of API AddMembers mentioned, this API adds members to a group or role. Existing members of the group will be added to roles within the group, but if the user is not already a member of the group, only title claimants may add them to the group, and others must use the group application or invite system to add new members to a group. Returns nothing if successful. You may need a title level EntityToken to call this API.

3 comments
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Gosen Gao avatar image Gosen Gao commented ·

"Only Title Claimants may add them to the group" means you need a title level EntityToken to call this API to add them to the group.

As for the title level EntityToken, it is contained in each request of Azure Functions. You can get it directly with code below.

FunctionExecutionContext<dynamic> context = JsonConvert.DeserializeObject<FunctionExecutionContext<dynamic>>(await req.ReadAsStringAsync());
string entityToken = context.TitleAuthenticationContext.EntityToken;
1 Like 1 ·
Ankur Ranpariya avatar image Ankur Ranpariya Gosen Gao commented ·

Hi @Gosen Gao

Thanks for the provide the explanation with the example code.

Earlier I have used FunctionExecutaionContext around two years ago. but I was not awaiting about the Token provided with PlayFab function input stream is can be used as Title level Auth token, and my understanding was it is just Player auth token.

But as you explained It can be used as a title level token by providing the type of toke and Id to which it belongs.

After your explanation, I have modified the my code to genater Authetication context for Title, and it is worked for are primary test, I think it will work fine with other test case scenarios also.

Thanks once again for the explanation and example code.

0 Likes 0 ·
Ankur Ranpariya avatar image Ankur Ranpariya commented ·

HI @Gosen Gao

Thanks for the reply.

I didn't understand about Only Title Claimants may add them to the group. Unfortunately, I do not have any idea about Claimants. Can you provide a bit more information about the same?

I also think is not a good idea to use Title level Entity Token. due to various security concerns.

  • Title level entity tokens also have the right to modify other services and entities, but we are looking to use group API only.
  • As we are using Azure Functions it will be another server like a third-party and each request to Azure needs to get Title Token, It might overload the API Calls to PlayFab to retrieve Title Level Entity Token.

PlayFab provides the API GetEntityToken to retrieve entity tokens from server code Let me try to use that API to get a Title level token for testing.

0 Likes 0 ·

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.